Total
3123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1513 | 3 Canonical, Debian, Qmail Project | 3 Ubuntu Linux, Debian Linux, Qmail | 2024-11-20 | 9.8 Critical |
| Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request. | ||||
| CVE-2005-1141 | 1 Optical Character Recognition Project | 1 Optical Character Recognition | 2024-11-20 | 9.8 Critical |
| Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, which leads to a heap-based buffer overflow. | ||||
| CVE-2005-0102 | 3 Debian, Gnome, Redhat | 3 Debian Linux, Evolution, Enterprise Linux | 2024-11-20 | 9.8 Critical |
| Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. | ||||
| CVE-2004-2013 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 7.8 High |
| Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory. | ||||
| CVE-2004-0788 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2024-11-20 | N/A |
| Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file. | ||||
| CVE-2004-0657 | 2 Hp, Ntp | 2 Tru64 Unix, Ntp | 2024-11-20 | 7.1 High |
| Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time. | ||||
| CVE-2002-2439 | 1 Gnu | 1 Gcc | 2024-11-20 | 7.8 High |
| Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. | ||||
| CVE-2002-0639 | 1 Openbsd | 1 Openssh | 2024-11-20 | 9.8 Critical |
| Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. | ||||
| CVE-2024-33024 | 1 Qualcomm | 364 Ar8035, Ar8035 Firmware, Csr8811 and 361 more | 2024-11-20 | 7.5 High |
| Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length. | ||||
| CVE-2024-33022 | 1 Qualcomm | 251 Ar8035, Ar8035 Firmware, Csra6620 and 248 more | 2024-11-20 | 8.4 High |
| Memory corruption while allocating memory in HGSL driver. | ||||
| CVE-2024-46613 | 1 Weechat | 1 Weechat | 2024-11-19 | 4.3 Medium |
| WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_free_split, string_free_split_command, and string_free_split_tags. | ||||
| CVE-2024-52919 | 1 Bitcoin | 1 Bitcoin Core | 2024-11-18 | 6.5 Medium |
| Bitcoin Core before 22.0 has a CAddrMan nIdCount integer overflow and resultant assertion failure (and daemon exit) via a flood of addr messages. | ||||
| CVE-2024-52912 | 1 Bitcoin | 1 Bitcoin Core | 2024-11-18 | 7.5 High |
| Bitcoin Core before 0.21.0 allows a network split that is resultant from an integer overflow (calculating the time offset for newly connecting peers) and an abs64 logic bug. | ||||
| CVE-2024-21783 | 2024-11-15 | 4.8 Medium | ||
| Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-46953 | 3 Artifex, Debian, Suse | 5 Ghostscript, Debian Linux, Linux Enterprise High Performance Computing and 2 more | 2024-11-14 | 7.8 High |
| An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. | ||||
| CVE-2024-34121 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-11-01 | 7.8 High |
| Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-21210 | 2 Oracle, Redhat | 8 Java Se, Enterprise Linux, Openjdk and 5 more | 2024-10-31 | 3.7 Low |
| Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). | ||||
| CVE-2024-50610 | 1 Gnu | 1 Gnu Scientific Library | 2024-10-30 | 3.6 Low |
| GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs. | ||||
| CVE-2024-47024 | 1 Google | 2 Android, Pixel | 2024-10-28 | 7.4 High |
| In vring_size of external/headers/include/virtio/virtio_ring.h, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-47028 | 1 Google | 2 Android, Pixel | 2024-10-28 | 5.1 Medium |
| In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||